<?php  if (!defined('BASEPATH')) exit('No direct script access allowed');
/**
 * CodeIgniter
 *
 * An open source application development framework for PHP 4.3.2 or newer
 *
 * @package		CodeIgniter
 * @author		Rick Ellis
 * @copyright	Copyright (c) 2006, EllisLab, Inc.
 * @license		http://www.codeignitor.com/user_guide/license.html
 * @link		http://www.codeigniter.com
 * @since		Version 1.0
 * @filesource
 */

// ------------------------------------------------------------------------

/**
 * CodeIgniter User Class v2.1
 *
 * This class contains functions that will give you the option to run a Member/User/Login system
 *
 * @package		CodeIgniter
 * @subpackage	Libraries
 * @category	User System
 * @author		Timothy Wood [codearachnid]
 * @link		http://www.codearachnid.com/
 *
 */
class Userauth {
	
	/**
	 * Constructor
	 *
	 * Get instance for Database Lib
	 *
	 * @access	public
	 */
	function Userauth()
	{
		$this->CI =& get_instance();
		
		log_message('debug', "User Class Initialized");
	}
	
	// --------------------------------------------------------------------

	/**
	 * Register User
	 *
	 * @access	public
	 * @param	string	the username
	 * @param	string	the password
	 * @param	string	the email
	 * @param	string	the ip
	 * @param	integer	the status
	 * @param	boolean	check for email
	 * @param	boolean	check for IP
	 * @return	string	if the user was created, if not returns errors in Unordered List
	 */
	function register( $username, $password, $email, $name = '', $status = 1, $emailcheck = TRUE, $ipcheck = TRUE )
	{
		if( $ipcheck )
		{
			$qip = $this->CI->db->query( "SELECT * FROM `users` WHERE ip='" . mysql_real_escape_string( $_SERVER[ 'REMOTE_ADDR' ] ) . "'" );
			if( $qip->num_rows( ) > 0 )
			{
				return 'This IP is already assigned to an account.';
			}
		}
		
		if( $emailcheck )
		{
			$qemail = $this->CI->db->query( "SELECT * FROM `users` WHERE email='" . mysql_real_escape_string( $email ) . "'" );
			if( $qemail->num_rows( ) > 0 )
			{
				return 'This IP is already assigned to an account.';
			}
		}
		
		$qusername = $this->CI->db->query( "SELECT * FROM `users` WHERE username='" . mysql_real_escape_string( $username ) . "'" );
		if( $qusername->num_rows( ) > 0 )
		{
			return 'This username is already taken.';
		}
		
		$this->CI->db->query( "INSERT INTO `users`
							( username, password, email, name, ip, status )
							VALUES
							( '" . mysql_real_escape_string( $username ) . "', '" . sha1( md5( $password ) ) . "', '" . mysql_real_escape_string( $email ) . "', '" . mysql_real_escape_string( $name ) . "', '" . mysql_real_escape_string( $_SERVER[ 'REMOTE_ADDR' ] ) . "', '" . mysql_real_escape_string( $status ) . "' )" );
							
		return 'You have successfully registered '.$username.' as a user!';
	}
	
	// --------------------------------------------------------------------

	/**
	 * Update User
	 *
	 * @access	public
	 * @param	string	the username
	 * @param	string	the password
	 * @param	string	the email
	 * @param	string	the ip
	 * @param	integer	the status
	 * @return	string	if the user was created, if not returns errors in Unordered List
	 */
	function update( $username, $email = '', $password = '', $name = '', $status = 1 )
	{
		if(!empty($username)) {
      $data2update = array();
      if(!empty($email))    $data2update['email'] = $email;
      if(!empty($password)) $data2update['password'] = sha1( md5( $password ) );
      if(!empty($name))     $data2update['name'] = $name;
      if($status !== FALSE) $data2update['email'] = $status;
      
      $this->CI->db->where('username', $username);
      $this->CI->db->update('users', $data2update); 
							
			return TRUE;
		} else {
			return FALSE;
		}
		
	}
	
	// --------------------------------------------------------------------

	/**
	 * Login User
	 *
	 * @access	public
	 * @param	string	the username
	 * @param	string	the password
	 * @return	boolean	if the user was logged in or not
	 */
	function login( $username = '', $password = '' )
	{
    if(!empty($username) && !empty($password))
		  $query = $this->CI->db->getwhere('users', array('username'=>$username,'password'=>$password));
  		if( $query->num_rows( ) == 0 ) return FALSE;
  
  		$this->CI->session->set_userdata( array(
  						'username'	=>	$username,
  						'password'	=>	sha1( md5( $password ) ) ) );
  		
  		return TRUE;

  	} else {
      return FALSE;
    }
	}
	
	// --------------------------------------------------------------------

	/**
	 * Logged in
	 *
	 * @access	public
	 * @return	boolean	if the user is logged in or not
	 */
	function logged_in( )
	{
    $username = $this->CI->session->userdata( 'username' );
    $password = $this->CI->session->userdata( 'password' );
    if(!empty($username) && !empty($password))
		  $query = $this->CI->db->getwhere('users', array('username'=>$username,'password'=>$password));
  		if( $query->num_rows( ) == 1 ) {
  			return TRUE;
  		} else {
  			return FALSE;
  		}
  	} else {
      return FALSE;
    }
	}
	
	// --------------------------------------------------------------------

	/**
	 * Forgot Username or Password
	 *
	 * @access	public
	 * @param	string	the email
	 * @param	integer	length of new password
	 * @return	boolean	if the email was found and email was sent
	 */
	function forgot( $email, $length = 8 )
	{
  	$this->CI->db->select('email');
		$this->CI->db->from('users');
		$this->CI->db->where('email',$email);
  	$query = $this->CI->db->get();
		if( $query->num_rows( ) > 0 ) {
			$new = '';
			for( $i = 1; $i <= $length; $i++ ) {
				$new .= rand( 1, 9 );
			}
			$this->CI->db->where('email', $email);
			$this->CI->db->update('users', array('password' => sha1( md5( $new ) ))); 
			$this->CI->load->library('email');
			$this->CI->email->from($this->CI->config->item('site_email_reply'), $this->CI->config->item('site_name'));
			$this->CI->email->to($email);
			$this->CI->email->subject('Your password has been reset');
			$this->CI->email->message("Your new password is: " . $new );
			$this->CI->email->send();
			//echo $this->CI->email->print_debugger();
			return TRUE;
		} else {
			return FALSE;
		}
	}
	
	// --------------------------------------------------------------------

	/**
	 * Get Data
	 *
	 * @access	public
	 * @param	string	the username
	 * @param	string	what row to grab
	 * @return	string	the data
	 */
	function getData( $username = '', $what = '*' )
	{
		$what = (is_array($what)) ? implode(",",$what) : $what;
    $this->CI->db->select($what);
		$this->CI->db->from('users');
		if(!empty($username)) {
			$this->CI->db->where('username',$username);
		}
		$query = $this->CI->db->get();
		if( $query->num_rows( ) == 1 && $username != '') {
			return $query->row_array( );
		} elseif( $query->num_rows( ) > 0 ) {
			return $query->result_array( );
		} else {
			return FALSE;
		}
	}

}
// END User Class
?>
